.

Stolen CC#

<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Sun May 18, 2008 8:27 pm

Stolen CC#

Alright, so.. I get home from ChicagoCon late last night, do my typical Sunday routine of church, house stuff, then visit with my parents. I just got home a few minutes ago and logged into my bank account to pay a couple of bills. I select 'transfer' to move money from my account to the credit card, and I notice that I have more than one credit card to choose to pay off (I only ever use 1 of my cards).

I go back to my 'overview' page, and sure enough, my Amazon card has several attempted charges out of New York (Brooklyn) and New Jersey. Apparently a couple gas stations and a grocery store. I immediately called the CC company and told them the charges were fraudulent and to terminate my account.

Now obviously I'm a paranoid security guy, so I don't just throw my card #'s out there. In addition, these cards (I have 2; mine and my wife's) have never been taken outside of my house since I recived them (they still have stickers on them). The only time they were used, was when I made a purchase through Amazon and signed up for the card to get a discount (and I didn't even know what the account # was for that purchase, so it was never typed in).

So this brings me to the big question, how the hell did they get a hold of my numbers? Lucky guess?
<<

jimbob

Post Mon May 19, 2008 2:40 am

Re: Stolen CC#

Lucky guess is extremely unlikely. Since you've not used the card in publix and it's seen limited online exposure I'd guess someone got the details from the source, the card issuer. The most low-tech way of doing this is to take a copy of the card details when it was issued. In any case it's worth taking a look at your PC just in case you've some nasty code lurking on it someware.

I have heard anecdotally that the introduction of chip and pin actually resulted in an increase in CC fraud simply because of the number of new cards issued.

Jimbob
<<

LSOChris

Post Mon May 19, 2008 8:38 pm

Re: Stolen CC#

damn that sucks. 

one of the many databases that stuff is floating around in probably got nabbed, i'm glad you caught it early.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Mon May 19, 2008 10:43 pm

Re: Stolen CC#

Thanks for the replies guys.

Yeah, Jimbob, that was one thing that came to mind... somehow someone intercepting it at the source or making a copy of it. From being told it was used at a gas station and a grocery store, I would imagine that they actually have a physical card. Probably some sort of inside job creating a couple of copies here and there. If so, they did a pretty good job on waiting to use it (though I'm sure they had many more to go through). I think I signed up for that card back in Oct or Nov last year.

Chris, I was wondering that too. I've been waiting to hear about an article regarding a recently stolen DB of CC numbers. So far nothing yet, guess we'll see.

At least the charges were flagged by the CC company and placed on hold or whatever they do. So not many made it through, and anything that did it sounds like I'm pretty well protected by fraud coverage.
<<

g00d_4sh

User avatar

Sr. Member
Sr. Member

Posts: 394

Joined: Tue Sep 18, 2007 1:50 pm

Location: Guayaquil, Ecuador

Post Tue May 20, 2008 1:00 pm

Re: Stolen CC#

Luckily the only time I've been 'Frauded' was from Alienware.  One of their employees used my card numbers and such from a previous purchase with thier company.... to buy 3600$ computer and have it sent somewhere besides my address.  When I went WTF, called Alienware.. within a couple days they were able to track down who had done it, and whatnot.  Thankfully that's all I've ever had to deal with... and since they never called me, and it was obvious the computer was sent to a totally different state on the other side of the country... from where I live... it was an obvious and quickly fixed issue.  Sorry to hear about your probs Bill, all we can do is hope Karma burns them in the britches eh?
"Bad.. Good?  I'm the guy with the gun"
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Sat Jun 21, 2008 10:46 pm

Re: Stolen CC#

The gas station is usually the acid test for a stolen card. They can run it for a low amount without having to make face-to-face contact with someone. Then, if it works, they move on to bigger things.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Sun Jun 22, 2008 7:34 am

Re: Stolen CC#

Yeah, agreed. Just have no idea how they got access to a physical copy of my card.

Quick update on this... The bank pretty much took care of it. They sent me something in the mail that I had to sign stating I wasn't the one that made the charges.

Also, I have since signed up for LifeLock Identity Theft Prevention and surprisingly feel a lot less worried. Anyone else use them, or considering it, and have any feedback?

BillV
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Sun Jun 22, 2008 8:00 am

Re: Stolen CC#

Hrmmm careful with the Lifelock folks. I have no personal experience with them, but there are medium bad things floating about here and there about them. The first one is the most disturbing to me.

http://blog.wired.com/27bstroke6/2007/06/lifelock_founde.html
http://www.cnn.com/2008/CRIME/05/22/lifelock.flap.ap/index.html?eref=rss_topstories
http://www.phoenixnewtimes.com/2007-05-31/news/what-happened-in-vegas/1
http://redtape.msnbc.com/2008/02/experian-sues-l.html
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Mon Jun 23, 2008 10:21 am

Re: Stolen CC#

Thanks for the links and heads up. I had not heard of that stuff, or of Maynards background/story.

At first glance of just the article titles, the one that jumped out at me most was that last one about Experian filing a lawsuit against LifeLock.

The first 2 articles are pretty short, and the 3rd is a little more detailed. All 3 are pretty much covering the same topic, Maynard's history. Personally, his background/history of whether he had his identity stolen, who he owes money, what stuff he's done, etc. doesn't really concern me in any way. I could care less whether his story is true or not as it really doesn't have an affect on me either way.

Now, as far as the ruling about his past business, that's a bit different. If his past company was taking money out of the bank accounts of customers, that's certainly something to be concerned with. Is that going to cause me to cancel my subscription (or had it have changed my mind in the first place)? Probably not. I keep a pretty close eye on my bank account and credit cards as it is, so I'd certainly notice an extra charge. In addition, I signed up with my credit card so any extra charges should be fairly easily disputed if needed.

As for the whole Experian lawsuit, it seems a little ridiculous to me according to that article. I'm not quite sure what their motive would be for going after LifeLock though. Experian is calling it "illegal" to place fraud alerts consecutively? Come on.. It should be my decision if I want fraud alerts enabled. It seems much safer to me that way too, so why would they want to argue that? Their next complaint is deceptive advertising. I'm well aware that nothing is 100% and that LifeLock can't guarantee your protected identity. That's not what I signed up for. I signed up to have them take care of stuff that, yes, I could do myself and also for the added protection in the event my identity is stolen. Seems like something worthwhile to have rather than not have it. I think LifeLock pretty clearly states what they do and how they do it (as well as the fact that you can do it yourself) on their website. The next two complaints are just as stupid... "can't stop all identity theft" and "most services are free." I already covered that first one, and as for the second since when is it wrong to sell something that someone else can do on their own? I don't see anyone filing lawsuits against an auto shop since you can purchase parts and repair your vehicle on your own. I also don't see anyone filing lawsuits against Geek Squad for offering virus removal for $260 when someone can download/remove the virus for free on their own. You're paying for convenience, plain and simple. I'll be surprised if that lawsuit gets anywhere.

Thanks again for pointing that stuff out though. I'm certainly going to do some more research into this Maynard guy and LifeLock as well to see if I do come across anything that makes me change my mind.

BillV
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Mon Jun 23, 2008 11:20 am

Re: Stolen CC#

I'll be very curious to heard how things go for you. I see quite a bit of news about them good, bad, and otherwise, but very little from anyone talking about direct experience with them.
<<

venom77

User avatar

Hero Member
Hero Member

Posts: 1905

Joined: Mon Dec 11, 2006 3:23 pm

Post Mon Jun 23, 2008 12:30 pm

Re: Stolen CC#

Yeah, I'll certainly keep you/everyone updated. I've only been signed up for less than 2 weeks, so not so much experience with them thus far.

I did send them an email asking about the credit reports though. It's part of their program to request them and send them to you. I had asked if they are sent via postal mail or email, if they could be sent electronically, and if they can be sent encrypted. The reply was "you'll receive your report in X number of weeks via postal mail." No acknowledgment of my other questions. I guess they feel confident enough in their program to mail that stuff to you.

I have tested out the fraud alerts though, and that worked just as I would expect. I had attempted to open a new line of credit at a jewelry store and within 5 minutes a representative of the credit company called the store and asked to speak with me. They asked me questions regarding currently open lines of credit, previous addresses, and whether or not I pay a mortgage and if so how much (now I just need to worry about phone taps :P ). Right after that the credit was approved.

Pretty neat feature to have turned on even if you don't want to sign-up for LifeLock. It'd be worth the call to the credit bureau's to turn on fraud alerts (despite the fact that according to that article, Experian believes that should be illegal unless you feel identity theft is imminent... I suppose you could argue that you always feel like you may be a victim ;) )
<<

divine

Newbie
Newbie

Posts: 12

Joined: Mon Dec 11, 2006 5:11 pm

Location: Dallas

Post Mon Jun 23, 2008 2:59 pm

Re: Stolen CC#

Ok since I work in the credit reporting arena I will comment on the LifeLock lawsuit briefly. Understand that technically what LifeLock does IS VERY ILLEGAL. If you choose to put fraud alerts on your account. That is fine and dandy and any of the 3 bureau's (Experian, TransUnion, Equifax) will accomodate that. HOWEVER, let me explain what actually happens. ONLY you can put Fraud Alerts on your credit and Credit Fraud Alerts expire between 3-6 months after you call one in depending on which company you call, so what LifeLock does, is they call and SAY THEY ARE YOU!!!! and put an alert on your account again and again. THEY ARE POSING AS YOU on the phone and doing things on your behalf that you may not necessarily be okay with. THEY are committing fraud... they refuse to stop doing it, therefore the credit bureau's are forced to file suit to keep peoples information as safe as possible especially from people who would bend the law and abuse the power their customers give them....
-Jordan
CEPT, CREA, C|EH, MCSE:Security (too many others that I don't care about to list)
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Mon Jun 23, 2008 3:08 pm

Re: Stolen CC#

divine wrote:so what LifeLock does, is they call and SAY THEY ARE YOU!!!! and put an alert on your account again and again. THEY ARE POSING AS YOU on the phone and doing things on your behalf that you may not necessarily be okay with.


Ahh now that's interesting. I wasn't aware that they were doing that.
<<

oneeyedcarmen

User avatar

Full Member
Full Member

Posts: 233

Joined: Thu Jul 05, 2007 2:13 pm

Location: Baltimore, MD USA

Post Mon Jun 23, 2008 3:26 pm

Re: Stolen CC#

I was under the impression that by subscribing to their service, you were in essence giving them power of attorney.  In such case, this would NOT be illegal...however, it may be ill-advised.  I, being the suspicious mind that I am, have issues with even giving a car dealership temporary power of attorney to act on my behalf with the Motor Vehicle Administration.
Reluctant CISSP, Certified ASS
<<

jason

User avatar

Hero Member
Hero Member

Posts: 1013

Joined: Sat Jun 21, 2008 6:23 pm

Location: USA

Post Mon Jun 23, 2008 3:34 pm

Re: Stolen CC#

Hrmm scary....

9. Authorization: By accepting these terms and conditions, you expressly authorize LifeLock's authorized employees to: complete and execute on your behalf documents required to provide the Service; speak to parties on your behalf as required to provide the Service; and, act as your personal representative under 15 U.S.C. § 1681c-1, under which consumers or their authorized representatives have the right to obtain fraud alerts. In addition, in the event of, and as a condition to, you exercising your right to our Service Guarantee, you agree to execute a Limited Power of Attorney authorizing Lifelock's performance. Consistent with this Agreement, when you invoke our Service Guarantee, LifeLock shall promptly provide you such Limited Power of Attorney document and shall begin such assistance after we receive your executed Limited Power of Attorney authorizing our assistance.


https://secure.lifelock.com/enrollmentform.aspx
Next

Return to Other

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software